Orchestration and Automation Helps Defense, Intelligence Personnel Tackle Higher-Level Tasks

What if you could get your hands on a force multiplier that got rid of the repetitive, routine work that was tying down your team, got more productivity out of your assembled work force, and gave everyone a more challenging, meaningful to-do list that made better use of their knowledge, experience, and passion?

That’s the ambitious but achievable vision behind Splunk Phantom, a powerful, customizable playbook automation tool that maximizes your investment in your existing security and IT Operations portfolio using security orchestration, automation, and response (SOAR).

Orchestration and automation is tailor-made to solve a problem that far too many managers at defense and intelligence agencies can identify with: You have the right personnel, they’re deeply committed to mission, but they don’t have the training, equipment, or resources to get the job done. Too many of the smart, talented security responders on your roster are tied down with repeatable, routine duties when they could be making a bigger contribution — and, honestly, having a better time on the job — if they were building and automating those processes.

To find out more, you’ll want to tune in for our orchestration and automation webinar, June 18th and available on-demand featuring Senior Cybersecurity Advisor Drew Church, who joined Splunk after nearly a decade leading DOD security operations at the operational and tactical level.

Automation: Getting More Done, Better

“Automating 90% of the Tier 1 work is about redeploying the same personnel to more mission-critical duties,” Church says. “No one is satisfied with the quantity of the work coming out of Tier 1, but with automation, you clear the routine tasks and free up humans to do real, human things. We can allow the dedicated, intelligent people at DOD to bring their unique capabilities to the forefront by getting them away from these rote processes.”

The right orchestration and automation platform “reduces the barrier to entry, allowing them to focus on the mission and the process rather than writing code. In many cases, they can complete the playbook without touching a single line of code. In others, these subject matter experts can get it 80% of the way there and pass it on to the platform experts for completion.”Church stresses that the department’s challenges with orchestration and automation go beyond the software platform. “It’s also training and background,” he explains. “These IT workers do a great job, in spite of many being in their second or third career but they may not be up to speed with the latest technology environment, where everything is code and everyone is a programmer.”

Coordinating Across Platforms

Orchestration and automation is also a cornerstone for one of the most important functions within the department: coordinating and integrating information across multiple locations and operations.

“DOD has many disparate, siloed systems, along with its share of antiquated business systems, some of them determined by federal mandates that make it hard to keep up with changing technology,” Church explains. An orchestration and automation platform can help, setting standardized knowledge management processes that might be as simple but mission-critical as combining a half-dozen emails and forwarding them to another system.

It sounds simple, yet the transition is a watershed for all concerned. The system becomes more nimble, responsive, and resilient. The employees who previously spent their days copying and pasting routine information from templates to emails (or from emails to templates) get to shift into challenging work they can feel proud of.

And the department as a whole gains efficiency and effectiveness by making better use of the data and insights it already holds.

Watch the 'Supercharge Your Operations with Orchestration and Automation' webinar now!